openpgp regression: C_GetAttributeValue(MODULUS_BITS) failed: rv = CKR_ATTRIBUTE_TYPE_INVALID (0x12)

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

openpgp regression: C_GetAttributeValue(MODULUS_BITS) failed: rv = CKR_ATTRIBUTE_TYPE_INVALID (0x12)

Leonardo Brondani Schenkel-2
Hello,

With a recent nightly of OpenSC, when the following command is run with
an OpenPGP V2 card with 3 4096-bit RSA keys:

pkcs11-tool --module opensc-pkcs11.dll -O

The following warning is generated 3 times (one per key):

warning: PKCS11 function C_GetAttributeValue(MODULUS_BITS) failed: rv =
CKR_ATTRIBUTE_TYPE_INVALID (0x12)

And the keys are listed as having "0 bits".

This does not occur with 0.13.0. I bisected the code and I found the
commit that introduced this issue:

d4be8ec747ae: "sc_pkcs15_encode_pubkey_as_spki replaces
sc_pkcs15_encode_pubkey_with_param."

Unfortunately my current OpenSC hacking skills are not good enough to
allow me fixing this problem by myself. Does anybody else out there care
to take a look? Since this card has my real keys I'm not including a
full trace log here, but if the information I posted is not enough to
reproduce the problem I can provide a partial trace.

Cheers,
Leonardo.

------------------------------------------------------------------------------
Android apps run on BlackBerry 10
Introducing the new BlackBerry 10.2.1 Runtime for Android apps.
Now with support for Jelly Bean, Bluetooth, Mapview and more.
Get your Android app in front of a whole new audience.  Start now.
http://pubads.g.doubleclick.net/gampad/clk?id=124407151&iu=/4140/ostg.clktrk
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel
Reply | Threaded
Open this post in threaded view
|

Re: openpgp regression: C_GetAttributeValue(MODULUS_BITS) failed: rv = CKR_ATTRIBUTE_TYPE_INVALID (0x12)

Douglas E Engert

On 2/14/2014 11:52 AM, Leonardo Brondani Schenkel wrote:

> Hello,
>
> With a recent nightly of OpenSC, when the following command is run with
> an OpenPGP V2 card with 3 4096-bit RSA keys:
>
> pkcs11-tool --module opensc-pkcs11.dll -O
>
> The following warning is generated 3 times (one per key):
>
> warning: PKCS11 function C_GetAttributeValue(MODULUS_BITS) failed: rv =
> CKR_ATTRIBUTE_TYPE_INVALID (0x12)
>
> And the keys are listed as having "0 bits".
>
> This does not occur with 0.13.0. I bisected the code and I found the
> commit that introduced this issue:
>
> d4be8ec747ae: "sc_pkcs15_encode_pubkey_as_spki replaces
> sc_pkcs15_encode_pubkey_with_param."

This should be fixed with  Viktor's fix-206 branch commit 59af789b7c0345e0874651dd0b7b523275ec905a
https://github.com/viktorTarasov/OpenSC-SM/compare/fix-206

Try this branch.

There were a lot of changes being made to support storing a pubkey as an SPKI in PKCS15, especially
for ECC.


>
> Unfortunately my current OpenSC hacking skills are not good enough to
> allow me fixing this problem by myself. Does anybody else out there care
> to take a look? Since this card has my real keys I'm not including a
> full trace log here, but if the information I posted is not enough to
> reproduce the problem I can provide a partial trace.
>
> Cheers,
> Leonardo.
>
> ------------------------------------------------------------------------------
> Android apps run on BlackBerry 10
> Introducing the new BlackBerry 10.2.1 Runtime for Android apps.
> Now with support for Jelly Bean, Bluetooth, Mapview and more.
> Get your Android app in front of a whole new audience.  Start now.
> http://pubads.g.doubleclick.net/gampad/clk?id=124407151&iu=/4140/ostg.clktrk
> _______________________________________________
> Opensc-devel mailing list
> [hidden email]
> https://lists.sourceforge.net/lists/listinfo/opensc-devel
>

--

  Douglas E. Engert  <[hidden email]>
 


------------------------------------------------------------------------------
Android apps run on BlackBerry 10
Introducing the new BlackBerry 10.2.1 Runtime for Android apps.
Now with support for Jelly Bean, Bluetooth, Mapview and more.
Get your Android app in front of a whole new audience.  Start now.
http://pubads.g.doubleclick.net/gampad/clk?id=124407151&iu=/4140/ostg.clktrk
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel